manox14 / arora

Automatically exported from code.google.com/p/arora
0 stars 0 forks source link

Vulnerability in SSL certificate rendering CVE-2011-3367 #951

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Tim Brown found a potential vulnerability in SSL certificate rendering.

When displaying a SSL certificate, an attaquant may be able to spoof at UI 
level (that is to say, the user *see* something else) the domain name of a 
certificate.

[Arora is] vulnerable to UI spoofing due to their use of QLabel objects to 
render externally controlled security critical information.
It is possible to spoof the common name in certificate dialogue UI in a manner 
similar to the previous NULL byte attack. This is due to the fact that the box 
is constructed of many QLabel which all support the QStyleSheet class and have 
rich text rendering enabled by default.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3367
http://www.securityfocus.com/archive/1/520041

Version 0.11 at least is impacted.

Original issue reported on code.google.com by tri...@kumal.info on 22 Feb 2012 at 5:43